‘…working with Wipro, (a call centre provider to TalkTalk and a number of other major businesses) and the local Police in Kolkata. Acting on information supplied by TalkTalk, the local Police have arrested three individuals who have breached our policies and the terms of our contract with Wipro. We are also reviewing our relationship with Wipro.’

It’s not clear from that statement exactly what the breach was, though TalkTalk’s own advice on scam phone calls, linked from the press release, mentions suspicious behaviours in which TalkTalk say it does not engage:

We’ll NEVER call, text, or send links and attachments over email asking to ‘remote connect’ to your computer, unless we have had a specific request from you.

TalkTalk will NEVER call, text, or send links and attachments over email asking you to download software onto your PC, unless you have previously contacted us, discussed and agreed a call back for this to take place.

For Channel 4 (that’s the one in the UK), Geoff White links the arrests with a story from last December about ‘a wave of thefts in which scammers used the hacked data to impersonate TalkTalk staff.’ However, the scam in this instance was more complex and even uglier than the average ‘your computer has a virus but we can fix it for you, for a fee’ cold call. One of the victims told Channel 4 that they would send someone the next day to fix the problem, but that they would be paying her £200 ‘for her trouble.’ However, they tricked her into thinking they’d overpaid her, and thus into wiring £5,000 to someone in Bangkok. The mechanism behind the con is unclear, but the article states that the scammers had hacked the victim’s computer so that ‘when she logged into her bank to get the refund, they tricked her into thinking they’d overpaid her.’

If the December story is accurate, it suggests an interesting merging of a support scam with a direct hack against her system to implement a variation on the classic ‘overpayment scam’ so beloved of 419 and other scammers. However, that story also links the scam to the hacking of TalkTalk in November. White claims that Wipro’s name came up when he was researching that story, though he doesn’t say that the Kolkata police investigation into Wipro is a direct result of the story.

The details remain murky – did the scammers in the December story use information from the November hack, or from the Wipro staff currently under arrest? – but as Graham Cluley pointed out, with reference to the November hack:

The truth is that even if the data taken from TalkTalk’s database isn’t in itself enough to commit identity theft, it can be used by criminals to help them steal more information (there are already many reports of TalkTalk customers being contacted by scammers via the telephone, pretending to be calling from the real company)

It’s interesting that the news is breaking at around the same time as there has been speculation about data records that may have leaked from Dell and been misused subsequently by support scammers. I’ll be interested to see how the stories develop over time, and whether any of that speculation is borne out.